Can you call
malware art? That’s the question up for debate this week as Chinese Internet
artist Guo O Dong puts a laptop hosting a collection of viruses up for auction.
Well-heeled patrons certainly seem to think its art – bidding had reached a
cool $1.2m at the time of writing.

Dong has infected
a 2008 Samsung netbook running Windows XP3 with six of the nastiest, most
disruptive viruses ever created. You’d think that for $1.2m he could have at
least thrown in a desktop computer with a decent GPU.

Nobody doubts the
industry has a problem. Advertising keeps websites and advertisers afloat but
at the expense of all sorts of privacy-bashing tracking that follows, profiles
and gathers as much data about users as it can using cross-site tracking.

A lot of web
users are fed up with this, hence the popularity of ad blockers and the rise of
ad-limiting features in rival browsers such as Firefox.

But according to
Wilander, the problem isn’t advertising per se, but the sense that web
surveillance has become about not merely understanding what users do but
who they are.

The combination of third-party web tracking and ad
campaign measurement has led many to conflate web privacy with a web free of
advertisements.

Undoubtedly true,
but arguably a woe the industry has brought on itself. Can privacy and
advertising be reconciled?

The latest ripple
in the years-long, lawsuit-jammed, regulators-aggravating brouhaha known as batterygate:
Apple has pledged to warn iPhone owners if an update is likely to slow down
their phones.

The UK
Competition and Markets Authority (CMA) said on
Wednesday that Apple has agreed to “notify consumers in a clear manner” if an
iOS update “materially changes the impact of performance management” on an
iPhone:

To ensure
compliance with consumer law Apple has formally agreed to improve the
information it provides to people about the battery health of their phones and
the impact performance management software may have on their phones.

The CMA got
involved last year, concerned that people might have tried to repair their
phone or replace it because they weren’t aware the software update had caused
the handset to slow down.

In addition, the
CMA said, people couldn’t easily find information about the health of their
phone’s battery, which can degrade over time.

What Apple hadn’t
told consumers – but which it would later confess – is that in an attempt to
work around iPhones shutting off while still showing 30% of battery life, it
released iOS 10.2.1, which throttled the CPU performance of the iPhone 6,
iPhone 6s and iPhone SE with older batteries.

It all came to a
head when hard benchmark data showing the CPU throttling was posted to Reddit.

The Irish Data
Protection Commission (DPC) announced
on Wednesday that it’s launched a probe into whether Google’s processing of
personal data as part of its Ad Exchange is breaching General Data Protection
Regulation (GDPR)
rules.

The DPC said that
the probe was triggered by Dr. Johnny Ryan, among others. Dr. Ryan is the Chief
Policy Officer (CPO) of the privacy-focused
Brave browser, which was founded by Brendan Eich, the inventor of JavaScript
and co-founder of Mozilla.

According to Dr.
Ryan,

Google’s DoubleClick/Authorized Buyers advertising
system is active on 8.4 million websites [and] is a driver of Google’s $19.9B
revenue from ads served on publishers’ websites and relies on broadcasting
users’ personal data, unbeknownst to them.

From the DPC’s
announcement:

Arising from the Data Protection Commission’s
ongoing examination of data protection compliance in the area of personalized
online advertising and a number of submissions to the Data Protection
Commission, including those made by Dr. Johnny Ryan of Brave, a statutory
inquiry pursuant to section 110 of the Data Protection Act 2018 has been
commenced in respect of Google Ireland Limited’s processing of personal data in
the context of its online Ad Exchange.

Formal
complaint from Brave

In September,
Ryan submitted a formal complaint – to both the Information Commissioner’s
Office (ICO) in the UK and to the Irish DPC – against Google and
a number of other ad technology firms. Joining him in the complaint were
Executive Director of the Open Rights Group Jim Killock and Michael Veale of
University College London.

The complaint
says that Google’s DoubleClick/Authorized Buyers advertising system is leaking
personal data of website visitors to thousands of companies, without people
being aware, able to consent, nor empowered to do anything about it.

Oops, Google said
on Tuesday: you know that domain administrator’s tool to reset passwords in the
G Suite enterprise product? The one we implemented back in 2005, as in, 14
years ago?

We goofed, Google
said. The company’s been storing copies of unhashed passwords – as in,
plaintext, unencrypted passwords – all this time.

From a blog
post written by Google vice president of engineering Suzanne Frey:

We made an error when implementing this functionality
back in 2005: The admin console stored a copy of the unhashed password. This
practice did not live up to our standards.

Only a small
number of enterprise customers were affected, she said, though Google hasn’t
put a number on it. People using the free, consumer version weren’t affected.
Google’s notified a subset of its enterprise G Suite customers that some of
their passwords were stored in plaintext in its encrypted internal systems.

Frey said that no
harm came of it, as far as Google can ascertain, and it’s since been fixed:

To be clear, these passwords remained in our
secure encrypted infrastructure. This issue has been fixed and we have seen no
evidence of improper access to or misuse of the affected passwords.

How it’s
supposed to work

The way Google
typically handles passwords is by scrambling them with a hashing algorithm so
humans can’t read them. It then stores hashed passwords along with their
usernames. Then, both usernames and hashed passwords are encrypted before being
saved to disk.

ACS

Centrally located in Winter Haven, we serve residential and business clients in and around Polk County.

9 Camellia Drive
Winter Haven, FL 33880863-229-4244

Our Promise to You

Plain language, no tech-talk

We will never try to over-sell you a product you don't need.

Advanced Computer Services of Central Florida is your local, hometown computer service and repair company that can do more than just fix your PC. We offer highly skilled professionals who can be counted on to give you sound advice on upgrades, software and hardware, commercial & residential networks, hardwire or secure wireless.